Description:
Previous versions of the openssh package are vulnerable to a remote
denial of service attack. They are also vulnerable to a minor
information exposure attack that may expose valid usernames in
some configurations.